Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9697
Views
0
Helpful
3
Replies

Data Center Network Design options LAYER 2 CORE vs LAYER 3 CORE

ABDUL MAJID KHAN
Level 1
Level 1

‎03-14-2013 08:10 AM - edited ‎03-03-2019 07:00 AM

Dears,

I am designing the Datacenter Network using below details;

1: Nexus 7K as Core

2: Nexus 5K, N2K for Data Center Servers

3: 6513 as Core for Users Layer

4: Multiple layers of Firewalls + IPS (Internet, WAN, Data Center)

5: Data Center Firewall is Firewall on stick act as gateway for more than 20 DC Servers vlans

6: Load Balancers, Routers, etc

7: All devices uplinks are 10G

8: Redundant network with Mesh uplinks

9: Separate VTP domain for every encircle/color layer

10: Traffic Flow is between Layers and towards Internet

I have 2 design options (Diagram is attached);

1: Data Center Core as Layer 2

  • No SVI on N7K (core)
  • Core is a an aggregation point for all layers
  • Core is acting as hub connecting one layer to another
  • For example: Users layer traffic flow to Internet Layer
      • 6513 is gateway for all users vlans
      • Create an SVI on 65K (10.1.1.254)
      • Create an Interface on Internet Firewall (10.1.1.250)
      • Create a vlan on N7K = vlan 2
      • Assign the connection interfaces of 6513 to N7K = vlan 2
      • Assign the connection interfaces of Internet Firewall to N7K = vlan 2
      • Add routes
  • PROS:
      • Extra SVI (L3 Hop) is avoided on Core (N7K)
      • Your comments ??????????
  • CONS:
      • Risk of Layer 2 issues
      • Risk of Layer2 broad cost
      • Unlike Traditional Design: I could not find any Design reference supporting such design from Cisco or other vendor
      • Your comments??????????

2: Data Center Core as Layer 3

  • Create SVI on Core (N7K) for each layers connectivity
  • Core is a an aggregation point for all layers
  • Core is acting as Layer 3 connecting one layer to another
  • For example: Users layer traffic flow to Internet Layer
      • 6513 is gateway for all users vlans
      • Create an SVI on 65K (10.1.1.254)
      • Create an SVI on N7K (10.1.1.250)
      • Create an Interface on Internet Firewall (192.168.1.254)
      • Create an SVI on N7K (192.168.1.250)
      • Create a vlan on N7K = vlan 2
      • Create a vlan on N7K = vlan 3
      • Assign the connection interfaces of 6513 to N7K = vlan 2
      • Assign the connection interfaces of Internet Firewall to N7K = vlan 3
      • Add routes
  • PROS:
      • No risk of layer 2 issues
      • Layer 3 boundaries on Core
      • Traditional Design: supported with Cisco and other vendors reference documents
      • Your comments ??????????
  • CONS:
      • Extra/additional SVI(hop) is introduced in the Data Flow
      • Your comments??????????

Please share your ideas to know which design is better with pros and cons of each. Also recommend if i need to create any VDC on N7K.

BR,

ABDUL MAJID KHAN

2 people had this problem
Labels:
Preview file
133 KB
0 Helpful
3 Replies 3

matthew-frederick
Level 1
Level 1

‎03-18-2013 10:34 PM

in my experience - if you have the choice - always go with layer 3.

so many issues can arise with layer 2 and they are much harder to troubleshoot than layer 3 issues.

i dont think the extra hop is going to be that big of a deal especially if you are doing 10GB links the way through

0 Helpful

Richard Michael
Cisco Employee
Cisco Employee

‎03-19-2013 10:55 AM

Hi Abdul,

Best pratice is to set the boundary between the Layer 2 and Layer3.

Some of the best practices guide,

http://www.cisco.com/en/US/docs/switches/datacenter/sw/design/vpc_design/vpc_best_practices_design_guide.pdf

http://www.cisco.com/en/US/docs/solutions/Enterprise/Data_Center/nx_7000_dc.htm

As discussed on call, Please understand you business needs and contact our design team to proceed further.

Richard

0 Helpful

James Montigny
Level 1
Level 1

‎10-21-2015 08:41 AM

What did you end up doing and how did it work out?

0 Helpful
Customers Also Viewed These Support Documents